
22 Jul 2021, 5:24 p.m.
On Thu, 22 Jul 2021 16:49:37 +1200, Peter Reutemann quoted:
'According to researchers, the vulnerability exists in a function inside the driver that accepts data sent from User Mode via Input/Output Control (IOCTL); it does so without validating the size parameter.'
The idea is copied from Unix, and is also present in Linux. However, Linus Torvalds has been highly critical of the lack of type-safeness of this kind of call. Which is why the Linux kernel API has developed along the direction of adding special “virtual” filesystems like procfs and sysfs to interface with userland, rather than adding lots of ioctl calls.
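
The size validation the quoted report says was missing, shown as an added example that is not part of the original post and is not the affected driver's code. It is a user-space C model of an ioctl-style handler, which receives only an untyped buffer and a caller-supplied size; `demo_ioctl`, `DEMO_IOC_SET_NAME` and both struct layouts are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DEMO_IOC_SET_NAME 0x1001u /* constructed command code (assumption) */
#define DEMO_NAME_MAX 32

struct demo_set_name {            /* hypothetical request layout */
    uint32_t len;                 /* caller-claimed length of name[] */
    char name[DEMO_NAME_MAX];
};

struct demo_device {              /* hypothetical driver-private state */
    char name[DEMO_NAME_MAX + 1];
};

/* in_buf and in_len model the untyped buffer and size sent from user mode. */
int demo_ioctl(struct demo_device *dev, uint32_t cmd,
               const void *in_buf, size_t in_len)
{
    struct demo_set_name req;

    switch (cmd) {
    case DEMO_IOC_SET_NAME:
        /* The outer size must match the struct we are about to read. */
        if (in_buf == NULL || in_len != sizeof(req))
            return -EINVAL;
        /* Copy once into private memory, then validate the private copy. */
        memcpy(&req, in_buf, sizeof(req));
        /* The embedded length is caller-controlled too: bound it. */
        if (req.len > DEMO_NAME_MAX)
            return -EINVAL;
        memcpy(dev->name, req.name, req.len);
        dev->name[req.len] = '\0';
        return 0;
    default:
        return -ENOTTY;           /* unknown command */
    }
}

int main(void)
{
    struct demo_device dev = {{0}};
    struct demo_set_name bad = { 4096, "x" };  /* constructed oversized claim */
    printf("oversized len -> %d\n",
           demo_ioctl(&dev, DEMO_IOC_SET_NAME, &bad, sizeof(bad)));
    return 0;
}
```

Nothing in the call's signature ties `in_len` to the structure behind `in_buf`, so every command has to repeat checks like these by hand.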